NicTheGeek

I've been working with IT for a long time...

European General Data Protection Regulation

The concept of an EU common data privacy policy was first proposed in 2012 and has now been agreed upon by the EU commission, parliament and council.

Quoting from the press notice released 15th December (http://europa.eu/rapid/press-release_IP-15-6321_en.htm):

The GeneralData Protection Regulation will enable people to better control their personal data. At the same time modernised and unified rules will allow businesses to make the most of the opportunities of the Digital Single Market by cutting red tape and benefiting from reinforced consumer trust.

The Data Protection Directive for the police and criminal justice sector will ensure that the data of victims, witnesses, and suspects of crimes, are duly protected in the context of a criminal investigation or a law enforcement action. At the same time more harmonised laws will also facilitate cross-border cooperation of police or prosecutors to combat crime and terrorism more effectively across Europe.

This press release also states the following:

European rules on European soil– companies based outside of Europe will have to apply the same rules when offering services in the EU.

I would suggest also taking a look at the following URL as it headlines penalties for non-compliance and data privacy breach – €100million fine?